People who use wearable gadgets to monitor their health or activity can be tracked with only $70 (£40) of hardware, research suggests.
The work, carried out by security firm Symantec, used a Raspberry Pi computer to grab data broadcast by the gadgets.
The snooping Pi was taken to parks and sporting events where it was able to pick out individuals in the crowds.
Symantec said makers of wearables need to do a better job of protecting privacy and handling data they gather.
The research team used a barebones Raspberry Pi computer to which they added a Bluetooth radio module to help sniff for signals. At no time did the device try to connect to any wearable. Rather, it just scooped up data being broadcast from gadgets close by.
Symantec said the eavesdropping was possible because most wearables were very simple devices that communicated with a smartphone or a laptop when passing on data they have collected.
The researchers, Mario Barcena, Candid Wueest and Hon Lau, took their Pi to busy public places in Switzerland and Ireland, including sporting events, to see what data they could grab.
“All the devices we encountered can be easily tracked using the unique hardware address they transmit,” the team wrote in a blogpost.
Some of the devices picked up were also susceptible to being probed remotely to make them reveal serial numbers or other identifying information. It would be “trivial”, said the researchers, for anyone with a modicum of computer and electronics knowledge to gather this information.
Each Friday is PiDay here at Adafruit! Be sure to check out our posts, tutorials and new Raspberry Pi related products. Adafruit has the largest and best selection of Raspberry Pi accessories and all the code & tutorials to get you up and running in no time!